With Cloud computing new threats on IT systems have emerged, which refrains companies and administrations from using Clouds. Notable reasons are: different tenants share the same physical resources using infrastructure virtualization, clients delegate administration tasks to cloud operators, client only administrate virtual resources, and virtualization brings new vulnerabilities.
The diversity of approaches addressing these threats can be observed in the French research community.
The goal of the SEC2 Workshop is, during one day, to gather the French research community in Cloud security, in order to show advances in the state of the art, to know each other’s initiatives, and to promote new collaborations to address the numerous open challenges.
The first edition of the SEC2 Workshop was organized in conjunction with Compas’2015 and was a great success, with about twenty attendees and 15 talks.
The goal of this second edition is to follow this success up.
Two sessions will be dedicated to invited presentations about reseach activities
related to the workshop topics.
One or two remarkable PhD thesis defenses of the past year will be replayed,
interleaved between these sessions.
A session will also allow PhD students and post-docs to present their research
topic in 15 minutes. Submission instructions and publication conditions are detailed on the dedicated page.
In this second edition, the workshop will focus again on infrastructure-level approaches to secure clouds and offer relevant security services to clients. Topics of interest include and are not limited to:
- Security of new Cloud models, new virtualization architectures (e.g., edge computing, fog computing…)
- New threats related to outsourcing and virtualization
- Vulnerabilities in hypervisors and new types of virtualization (containers, nested virtualization, unikernels…), security by design in hypervisors
- Securing hypervisors, virtual machines, and network devices
- Introspection techniques
- Techniques for isolation and side channel mitigation
- Hardware to secure virtual infrastructures
- Advanced cryptography to secure data
- Integrity of data outsourced in Clouds
- Vulnerabilities in SDN (Software-Defined Networking) systems and architectures
- Security monitoring in Clouds, self-adaptable protection and monitoring
- COTS (Component on the shelf) for protection and monitoring
- Collaboration between virtualization infrastructure and virtualized infrastructure, sharing of security agents between cloud clients and operators
- Definition, combination, and enforcement of protection and monitoring policies
- Trade-off between security and resource usage
- Service-Level Agreement (SLA) to secure virtualized infrastructures
The SEC2 2016 Workshop is co-located with Compas’2016 in Lorient, France.